We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Checkmarx (IaC-Security): APT-GET Missing '-y' To Avoid Manual Input Checkmarx Project: smaguilarcx/Webgoat_eu_CxOne Repository URL: https://github.com/smaguilarcx/Webgoat_eu_CxOne Branch: main Scan ID: 90adb9be-7e9c-4385-b96b-20f5c5abf263
Check if apt-get calls use the flag -y to avoid user manual input.
Locations:
Result 1: Severity: MEDIUM State: CONFIRMED Status: RECURRENT File: /Dockerfile_desktop[12,0] Expected value: {{RUN case $(uname -m) in x86_64) ARCH=x64;; aarch64) ARCH=aarch64;; *) ARCH=unknown;; esac && curl -LO https://github.com/zaproxy/zaproxy/releases/download/v2.12.0/ZAP_2.12.0_Linux.tar.gz && tar zfxv ZAP_2.12.0_Linux.tar.gz && rm -rf ZAP_2.12.0_Linux.tar.gz && curl -LO https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.6%2B10/OpenJDK17U-jre_${ARCH}_linux_hotspot_17.0.6_10.tar.gz && tar zfxv OpenJDK17U-jre_${ARCH}linux_hotspot_17.0.6_10.tar.gz && rm -rf OpenJDK17U-jre${ARCH}linux_hotspot_17.0.6_10.tar.gz && chmod +x /config/start_webgoat.sh && chmod +x /config/start_zap.sh && apt-get update && apt-get --yes install vim nano && echo "JAVA_HOME=/config/jdk-17.0.6+10-jre/" >> .bash_aliases && echo "PATH=$PATH:$JAVA_HOME/bin" >> .bash_aliases}} sould avoid manual input Actual value: {{RUN case $(uname -m) in x86_64) ARCH=x64;; aarch64) ARCH=aarch64;; *) ARCH=unknown;; esac && curl -LO https://github.com/zaproxy/zaproxy/releases/download/v2.12.0/ZAP_2.12.0_Linux.tar.gz && tar zfxv ZAP_2.12.0_Linux.tar.gz && rm -rf ZAP_2.12.0_Linux.tar.gz && curl -LO https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.6%2B10/OpenJDK17U-jre_${ARCH}_linux_hotspot_17.0.6_10.tar.gz && tar zfxv OpenJDK17U-jre${ARCH}linux_hotspot_17.0.6_10.tar.gz && rm -rf OpenJDK17U-jre${ARCH}_linux_hotspot_17.0.6_10.tar.gz && chmod +x /config/start_webgoat.sh && chmod +x /config/start_zap.sh && apt-get update && apt-get --yes install vim nano && echo "JAVA_HOME=/config/jdk-17.0.6+10-jre/" >> .bash_aliases && echo "PATH=$PATH:$JAVA_HOME/bin" >> .bash_aliases}} doesn't avoid manual input Review result in Checkmarx One: APT-GET Missing '-y' To Avoid Manual Input
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Checkmarx (IaC-Security): APT-GET Missing '-y' To Avoid Manual Input
Checkmarx Project: smaguilarcx/Webgoat_eu_CxOne
Repository URL: https://github.com/smaguilarcx/Webgoat_eu_CxOne
Branch: main
Scan ID: 90adb9be-7e9c-4385-b96b-20f5c5abf263
Check if apt-get calls use the flag -y to avoid user manual input.
Locations:
Result 1:
Severity: MEDIUM
State: CONFIRMED
Status: RECURRENT
File: /Dockerfile_desktop[12,0]
Expected value: {{RUN case $(uname -m) in x86_64) ARCH=x64;; aarch64) ARCH=aarch64;; *) ARCH=unknown;; esac && curl -LO https://github.com/zaproxy/zaproxy/releases/download/v2.12.0/ZAP_2.12.0_Linux.tar.gz && tar zfxv ZAP_2.12.0_Linux.tar.gz && rm -rf ZAP_2.12.0_Linux.tar.gz && curl -LO https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.6%2B10/OpenJDK17U-jre_${ARCH}_linux_hotspot_17.0.6_10.tar.gz && tar zfxv OpenJDK17U-jre_${ARCH}linux_hotspot_17.0.6_10.tar.gz && rm -rf OpenJDK17U-jre${ARCH}linux_hotspot_17.0.6_10.tar.gz && chmod +x /config/start_webgoat.sh && chmod +x /config/start_zap.sh && apt-get update && apt-get --yes install vim nano && echo "JAVA_HOME=/config/jdk-17.0.6+10-jre/" >> .bash_aliases && echo "PATH=$PATH:$JAVA_HOME/bin" >> .bash_aliases}} sould avoid manual input
Actual value: {{RUN case $(uname -m) in x86_64) ARCH=x64;; aarch64) ARCH=aarch64;; *) ARCH=unknown;; esac && curl -LO https://github.com/zaproxy/zaproxy/releases/download/v2.12.0/ZAP_2.12.0_Linux.tar.gz && tar zfxv ZAP_2.12.0_Linux.tar.gz && rm -rf ZAP_2.12.0_Linux.tar.gz && curl -LO https://github.com/adoptium/temurin17-binaries/releases/download/jdk-17.0.6%2B10/OpenJDK17U-jre_${ARCH}_linux_hotspot_17.0.6_10.tar.gz && tar zfxv OpenJDK17U-jre${ARCH}linux_hotspot_17.0.6_10.tar.gz && rm -rf OpenJDK17U-jre${ARCH}_linux_hotspot_17.0.6_10.tar.gz && chmod +x /config/start_webgoat.sh && chmod +x /config/start_zap.sh && apt-get update && apt-get --yes install vim nano && echo "JAVA_HOME=/config/jdk-17.0.6+10-jre/" >> .bash_aliases && echo "PATH=$PATH:$JAVA_HOME/bin" >> .bash_aliases}} doesn't avoid manual input
Review result in Checkmarx One: APT-GET Missing '-y' To Avoid Manual Input
The text was updated successfully, but these errors were encountered: